Jailbroken iPhones Hit with Another Worm

By Jeff Gamet

Nov 23rd, 2009 9:49 AM EST

Jailbroken iPhone owners are facing yet another potential security threat now that a new worm is users in the Netherlands. The new threat acts like a botnet and redirects ING online bank customers to a phishing site.

Like previous iPhone worms, this new threat works only on iPhones that have been hacked to support unauthorized third-party applications, have SSH installed, and are still using the default root password. The worm spreads between iPhones that are on the same Wi-Fi network, according to the security research firm F-Secure.

So far, the number of infected iPhones is estimated to be in the hundreds. "It's fairly isolated and specific to Netherlands but it is capable of spreading," said F-Secure research director Mikko Hypponen.

ING Bank is alerting its customers to the potential threat and is reminding them that the threat impacts only jailbroken iPhones.

The first iPhone worm to appear used a similar method to jump from iPhone to iPhone, and initially asked victims for €5. That worm was later changed to offer instructions on protecting jailbroken iPhones.

A second worm appeared shortly after, although it was far less dangerous because it only added a new locked screen graphic showing 80's pop star Rick Astley. A more dangerous worm appeared a few days later that could copy data off of a victim's iPhone.

Since the attacks all impact hacked iPhones, the safest defense is to not jailbreak your handset. For users with jailbroken iPhones, changing the root password should block the attacks as well.